  1. #951
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    The thing is HooHoo I could have said this:

    "Some of the interesting techniques GoldenHelper uses include randomization of name whilst in transit, randomization of file system location, timestomping, IP-based DGA (Domain Generation Algorithm), UAC bypass and privilege escalation."
    But you wouldn't understand any of it because you're not very bright.

  2. #952
    Thailand Expat OhOh's Avatar
    Join Date
    Jul 2010
    Last Online
    Yesterday @ 08:43 PM
    Location
    Where troubles melt like lemon drops
    Posts
    25,222
    Quote Originally Posted by harrybarracuda View Post
    But you wouldn't understand any of it
    Every business has its own metalanguage and I didn't get past this:

    Quote Originally Posted by harrybarracuda View Post
    Some of the interesting techniques GoldenHelper uses include ......... zzzzzzzzz
    1. Issued a spec,
    2. Review techies application,
    3. If 2 < 1. Go 1 else go 4
    4. Issue an internal comments doc.
    5. Wait zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
    6. If 2 < 1. Go 5 else go 1
    5. Sell the App.
    6. Spend bonus on frivolities

    Impressive eh, or am I missing a critical loop?

    Got to keep the recipes a secret, lines 2. - 4. eh.

    [Attached image: kfc.jpg]
    A tray full of GOLD is not worth a moment in time.

  3. #953
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by OhOh View Post
    Impressive eh, or am I missing a critical loop?
    Oh look, HooHoo's resorting to the waffle again.

    Let's just repeat the story so it sinks in:

    The chinkies planted malware and backdoors in a tax program that the chinkies had forced foreign companies to use.


    So Hoohoo resorts to talking about KFC as if somehow this is more important.


  4. #954
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    I've met Alex half a dozen times over recent years. The last time I found him propping up the pool bar at the birthplace of the Pina Colada wearing an England footy shirt. With these two in charge the sloppy Solarwinds security team are about to experience a world of hurt, and I'm sure several will be headed for the exits.

    SolarWinds has hired the former head of the US Cybersecurity and Infrastructure Security Agency (CISA), Chris Krebs, in an effort to recover from last month’s cyber attack which left 18,000 customers exposed to what are believed to be Russian hackers.

    Krebs was the first director of CISA, which was founded in 2018 as a part of US Homeland Security. He also led the effort to maintain the cyber safety of the 2020 US presidential election and was famously fired by President Trump after he proclaimed the election to be the most secure ever in US history.

    SolarWinds has also taken on Facebook CSO Alex Stamos, who was previously hired by Zoom to help the video conferencing provider boost its security following incidents of ‘Zoom-bombing’, which led to numerous companies and institutions banning the use of the platform.

    Krebs and Stamos have recently formed a security consulting business, from whose expertise SolarWinds is now expected to benefit.
    SolarWinds hires former Trump cyber security chief | IT PRO

  5. #955
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    The Solarwinds security team needs a big shock right about now, and hopefully those two leaders can deliver it.

  6. #956
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by TTraveler View Post
    The Solarwinds security team needs a big shock right about now, and hopefully those two leaders can deliver it.
    Stamos in particular is a big fan of red teaming!

  7. #957
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555

  8. #958
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Quote Originally Posted by harrybarracuda View Post
    Bejaysus what a mess.
    The good news: they found it.
    But one must wonder how many more strains are in the system that haven't been found.

  9. #959
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by TTraveler View Post
    The good news: they found it.
    But one must wonder how many more strains are in the system that haven't been found.
    I got invited to an InfoBlox presentation yesterday. I sort of mentioned that spending six figures on a package that didn't detect shitloads of outbound DNS exfiltration wasn't really my thing.


  10. #960
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Millions of Social Profiles Leaked by Chinese Data-Scrapers
    More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.

    The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.

    The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.

    Millions of Social Profiles Leaked by Chinese Data-Scrapers | Threatpost
    Last edited by TTraveler; 14-01-2021 at 06:21 AM. Reason: formatting

  11. #961
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Built-in backdoors and vulnerabilities and straight away you think of one country...

    Multiple backdoors and vulnerabilities discovered in FiberHome routers

    At least 28 backdoor accounts found in FiberHome FTTH ONT routers.

    At least 28 backdoor accounts and several other vulnerabilities have been discovered in the firmware of a popular FTTH ONT router, widely deployed across South America and Southeast Asia.


    FTTH ONT stands for Fiber-to-the-Home Optical Network Terminal. These are special devices fitted at the end of optical fiber cables. Their role is to convert optical signals sent via fiber optics cables into classic Ethernet or wireless (WiFi) connections.


    FTTH ONT routers are usually installed in apartment buildings or inside the homes or businesses that opt for gigabit-type subscriptions.


    In a report published last week, security researcher Pierre Kim said he identified a large collection of security issues with FiberHome HG6245D and FiberHome RP2602, two FTTH ONT router models developed by Chinese company FiberHome Networks.


    The report describes both positive and negative issues with the two router models and their firmware.

    For example, the positive issues are that both devices do not expose their management panel via the IPv4 external interface, making attacks against its web panel impossible via the internet. Furthermore, the Telnet management feature, which is often abused by botnets, is also disabled by default.


    However, Kim says that FiberHome engineers have apparently failed to activate these same protections for the routers' IPv6 interface. Kim notes that the device firewall is only active on the IPv4 interface and not on IPv6, allowing threat actors direct access to all of the router's internal services, as long as they know the IPv6 address to access the device.
    Multiple backdoors and vulnerabilities discovered in FiberHome routers | ZDNet

  12. #962
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Quote Originally Posted by harrybarracuda View Post
    Built-in backdoors and vulnerabilities and straight away you think of one country...
    Couldn't possibly be the country that hoards its researchers and the vulnerabilities they discover...

    They say you don't notice something good until it's gone. With China's decision to restrict its information security researchers from participating in global hacking competitions, we're about to see what that looks like on the global "zero day" stage.

    For over a decade Pwn2Own ... brought together security talent from across the globe in a friendly hacking competition that is a cornerstone of research and advancement on par with Black Hat and Def Con.

    China's hackers routinely win, sweeping the board -- notably, the Tencent and Keen teams. Pwn2Own is good-natured, and all in the name of researchers finding big bugs, nabbing great bounties and drawing attention to security holes and zero-days that need to be fixed.

    But (since 2018), China is no longer allowing its researchers to compete.
    https://www.engadget.com/2018-03-16-chinese-hackers-pwn2own-no-go.html

    [Attached image: china-not-found.png]

  13. #963
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    I bet you can't guess whose dodgy, backdoor-infested shit this is aimed at.

    On January 20th President Biden signed an Executive Order that in part suspended the implementation of President Trump's May 1, 2020 order halting the use of components produced by hostile foreign states in the Bulk Power System:

    Sec 7 (c) Executive Order 13920 of May 1, 2020 (Securing the United States Bulk-Power System), is hereby suspended for 90 days. The Secretary of Energy and the Director of OMB shall jointly consider whether to recommend that a replacement order be issued.

  14. #964

  15. #965
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    A strangely targeted attack...

    A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and has delivered malware to a handful of victims across Asia in a highly-targeted supply chain attack.
    The attack was discovered by Slovak security firm ESET on January 25, last week, and targeted BigNox, a company that makes NoxPlayer, a software client for emulating Android apps on Windows or macOS desktops.
    ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API (api.bignox.com) and file-hosting servers (res06.bignox.com).
    Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server in order to deliver malware to NoxPlayer users.
    "Three different malware families were spotted being distributed from tailored malicious updates to selected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities," ESET said in a report shared today with ZDNet.
    Despite evidence implying that attackers had access to BigNox servers since at least September 2020, ESET said the threat actor didn't target all of the company's users but instead focused on specific machines, suggesting this was a highly-targeted attack looking to infect only a certain class of users.
    Until today, and based on its own telemetry, ESET said it spotted malware-laced NoxPlayer updates being delivered to only five victims, located in Taiwan, Hong Kong, and Sri Lanka.
    Hacker group inserted malware in NoxPlayer Android emulator | ZDNet

  16. #966
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    Finally some good news.
    U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.

    Chainalysis has traced more than $46 million worth of funds in NetWalker ransoms since it first came on the scene in August 2019
    [Attached image: netwalker-hacker-300x214.png]

    Sebastien Vachon-Desjardins was living his best life between Miami and Ottawa, Canada, after pulling in at least $27.6 million from ransomware operation NetWalker. Appears his expertise was targeting healthcare organizations. He gets extra scumbag points for doing so during a pandemic.
    Arrest, Seizures Tied to Netwalker Ransomware — Krebs on Security

  17. #967
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    I look forward to a massive jail sentence for this PoS.

  18. #968
    Thailand Expat OhOh's Avatar
    Join Date
    Jul 2010
    Last Online
    Yesterday @ 08:43 PM
    Location
    Where troubles melt like lemon drops
    Posts
    25,222
    Quote Originally Posted by TTraveler View Post
    hopefully those two leaders can deliver it.
    ameristani leaders "delivering".


  19. #969
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by OhOh View Post
    ameristani leaders "delivering".

    HooHoo is quite happy to see chinky government spies destroying livehoods.

    He is quite spiteful.

  20. #970
    Thailand Expat Backspin's Avatar
    Join Date
    Oct 2019
    Last Online
    @
    Posts
    11,260
    Lol now they are telling us it was China that did the Solarwinds hack.


    Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources | Financial Post


    First Russia did the Afghanistan bounties. Then China did the Afghanistan bounties

    Intel on China bounties called ‘less' credible than Russia payments - POLITICO

  21. #971
    Member

    Join Date
    Jan 2020
    Last Online
    01-08-2023 @ 11:33 PM
    Posts
    510
    "An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database."

    "EscortReviews.com is an adult online vBulletin forum community that allows US and Mexico-based escorts to promote their services, share profile pictures, contact information, and biographies to prospective clients. Clients can then post reviews about their experiences with the particular escort."

    Backspin will be happy no one is blaming China. Yet.


    http://Female escort review site dat...70,000 members

  22. #972
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Quote Originally Posted by TTraveler View Post
    "An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database."

    "EscortReviews.com is an adult online vBulletin forum community that allows US and Mexico-based escorts to promote their services, share profile pictures, contact information, and biographies to prospective clients. Clients can then post reviews about their experiences with the particular escort."

    Backspin will be happy no one is blaming China. Yet.


    http://Female escort review site dat...70,000 members
    Hmmm

    "She wanted Bt500. I tried to borrow the money off some stranger outside a shop, but he only lent me Bt100 and he made me buy him a beer with it. I think he was mocking me. 0/5 do not recommend - S. Mark, Thailand)"

  23. #973
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    A quite good write-up on Microsoft Defender, the free antivirus client built into Windows.

    It's worth noting that it's a decent a/v tool in its own right, but there is a downloadable Configuration Tool that exposes all the hidden settings, and the article makes some sensible suggestions as to which ones to enable.

    Link here:

    Decoding Microsoft Defender’s hidden settings | Computerworld

  24. #974
    Thailand Expat harrybarracuda's Avatar
    Join Date
    Sep 2009
    Last Online
    @
    Posts
    96,555
    Shit's getting real.

    Hackers breach, attempt to poison Florida city's water supply

    Hackers breach, attempt to poison Florida city's water supply | TheHill

  25. #975
    Thailand Expat jabir's Avatar
    Join Date
    Jul 2016
    Last Online
    @
    Posts
    12,009
    Quote Originally Posted by harrybarracuda View Post
    A quite good write-up on Microsoft Defender, the free antivirus client built into Windows.

    It's worth noting that it's a decent a/v tool in its own right, but there is a downloadable Configuration Tool that exposes all the hidden settings, and the article makes some sensible suggestions as to which ones to enable.

    Link here:

    Decoding Microsoft Defender’s hidden settings | Computerworld
    Had a look, fortunately my system seems to be working ok so I won't be fiddling with stuff that I don't understand, esp without Butterfly to save the day. Took a couple of decades to sink in, but my pioneer 'what happens if I click this' days often ended in a full reinstall, lost data and other shit.
